"Security Princess" is Parisa Tabriz's official title at Google. Seriously. And yes, you can google that. "'Information Security Engineer' is just completely dry and boring and horrible," she says of the HR-speak title, which indeed whitewashes what Tabriz does all day, which is to hack her employer—the single most recognizable entity of the Internet age—bad-guy-in-basement style. She came up with the moniker before a trip to Japan because she needed business cards to hand out during the elaborate professional introductions traditional in that country. "A couple of people had 'hired hacker,'" she says. "But I like to one-up people. I thought it was cute."

Cute, sure, but it's also because Parisa Tabriz doesn't much care what you think about her. Not in a screw-the-man kind of way—she's too midwestern friendly for that, and, after all, she works for the establishment company of Silicon Valley. It's more that she prefers not to suffer fools. "Some people in other parts of the industry, they introduce themselves as, like, 'vice president,' with all of these certifications," she says, amused. "I couldn't give a shit. You could be Code Monkey Number 507, but if you're doing cool stuff, I'm much more interested in talking to you than to whoever's senior vice president."

In the world of hacking, Tabriz is basically the equivalent of Glinda the Good Witch—all of the power and skills, none of the evil inclinations or armies of marauding monkeys (just the coder ones). Leading a crew of hacker engineers, she is paid to think like a criminal, to suss out weaknesses in Google Chrome—the world's most-used Internet browser—that could be exploited by ne'er-do-wells, then ensure that they're fixed before that can happen. It's a daily preemptive strike against online identity theft that protects millions of people around the world. Add to that that she's only 31, one of the rare women in hacking circles, and the furthest thing from the antisocial tech-whiz stereotype, and it's easy to see why Tabriz is on a rapid upward trajectory.

Glinda-esque as her job might be, Tabriz appears to wear black almost exclusively. "It's slimming," she says, shrugging, not that she needs to worry about that. She has a simpatico face, always worn bare, that could easily elide from one ethnicity to another and a classic Gap-in-its-heyday sleek tomboy aesthetic: dark-wash jeans, clean-line crewnecks, and Chuck Taylors, with the occasional bomber jacket thrown on top.

Tabriz might well be the ideal personification of Google's informal "Don't be evil" motto, at a time when the company is eager to shore up that image, having been rocked by Edward Snowden's leak revealing the secret National Security Agency program that gave federal officials unfettered access to tech-company servers (including Google's) and, by proxy, to users' personal information. The proactive work done by Tabriz and her team is one user-service area that Google can unabashedly brag about.

Hackers exist in a constant state of moral purgatory—the line between right and wrong is often murky—but they like to think of themselves in black-and-white terms all the same. Tabriz's side, the white hats (yes, that's actually what they call themselves), is made up of people like the Good Samaritan who returns the expensive purse she finds on the subway. The black hats (again, a label worn with pride) think the white hats are suckers—not only do they swipe the Birkin, but they rifle through the crocodile-skin datebook inside to find new victims. Black hats weaponize their knowledge of how to attack a system—a so-called exploit—and sell it to the highest bidder.

Tabriz was never going to be a good candidate for the dark side, and in fact, she's an unlikely pick to have ended up a hacker at all. "I wanted to be Jem. Do you know Jem and the Holograms?" she says, referring to the 1980s cartoon—and Hannah Montana predecessor—about a pink-haired girl rocker with a buttoned-down alter ego. We're at Google headquarters in Mountain View, California, sitting in a conference room that's as anodyne as they come—outsiders aren't allowed into the building where Tabriz works, and lest I spirit away any intellectual property, a friendly PR Sherpa with a nose stud is required to escort me everywhere, including the bathroom. (Google toilets, in case you were wondering, feature high-tech automated Japanese-style bidets that allow for controlled water temperature and pressure.)

Growing up in the Chicago suburbs, the daughter of an Iranian-immigrant father, a doctor, and a Polish-American mother, a nurse, Tabriz wasn't exposed to technology in any big way. "I didn't touch computers up until college," she says, or maybe it just feels that way, given how plugged in she is today. Instead, she made a lot of art, played a lot of sports, and competed—hard—with her two brothers. "When I couldn't outmuscle them, I had to outthink them," she says.

Talented in math and science, she chose the University of Illinois at Ur-bana-Champaign's engineering program for college. But Tabriz soon discovered her proclivity for computer science, and, in a move that proves guidance counselors the nation over correct about the importance of extracurriculars, she joined a club that changed her life. It met on Friday nights—the college litmus test for seriousness—and was made up of computer-science students bent on understanding the ins and outs of website security. This was the early aughts, when Facebook was just a glimmer in Mark Zuckerberg's eye. "My website had gotten hacked, so I wanted to figure out why," Tabriz says. "[The meetings were] nothing formal. Just, 'Here's something cool I did, here's some idea I'm trying.' " The club consumed not only Tabriz's intellectual life, but her social one as well. And was she the only woman in the clique? Tabriz thinks for a moment—"There was another girl for a while…." Her familiarity with tech's only-woman-in-the-room dynamic began early.

Steganography—the art of concealing a coded message in plain sight, a form of cryptography—helped train the blossoming hackers in the mind-set of someone with something to hide. While most of Tabriz's practice of steganography was through Web portals, she has learned some of its history. "A Greek emperor would shave a slave's head, tattoo a message on it, let his hair grow back, and then say, 'Go over to that other emperor,' " she says, explaining the roots of the philosophy still used in the modern day—rumor has it that Osama bin Laden encrypted instructions to his terrorist network by hiding them in images on pornographic websites. Tabriz and her friends encrypted less-nefarious messages to one another in e-mail images of cats.

This sense of whimsy is what Tabriz looks for in hackers to this day. "A lot of the people we hire just have this curiosity to try to understand something," she says. "And maybe a bit of a mischievous slant, to try to do something unexpected."

Complicating her hiring needs, Tabriz has to find people skilled enough to outhack the most brilliant cyber scumbag but strong enough to resist the temptations of big illegal money. The aboveboard way to make a living as an independent hacker is to enter contests sponsored by companies. Many, including Google, hand out cash prizes to anyone who can give "proof of concept"—directions for how to find a bug in a program (Google pays "somewhere on the order of $25,000 to $60,000," according to Tabriz). But hacking's marketplace is similar to that of the arms industry: There are sizable gray areas. Hackers can sell information to middlemen, thereby retaining plausible deniability about how their work will be used. (A middleman could sell a fix back to the company that was exploited, for instance, or pass it along to a criminal network.) Governments are in the mix as well, on the lookout for programs that could weaken their enemies' defenses.

Small world that it is, all these elements converge a few times a year at conferences, which mix continuing-ed lectures with some good old-fashioned Nancy Drew fun—sniffing out the criminality of other attendees. Tabriz dismisses most of this as gossip but nonetheless spurns certain hackers based on industry rumblings. But as the industry grows, so do its grays, and she has some trepidation about finding upstanding recruits in the coming years. "Neighborhoods are safest when everybody knows each other," she says. "And that doesn't necessarily scale as well when you get larger."

Tabriz started at Google in 2007, the tenth to join a small team of hired hackers in charge of software security for the company. Today, more than 250 security engineers protect user data and the company's online infrastructure. Google's Mountain View mother ship, where around a third of its roughly 40,000 employees work, reflects the massive growth. It looks and feels like an anywheresville modern college campus—the buildings are mostly glass, a few of them done in a pale pistachio green. There's a lot of beach grass, and Google bicycle gangs roam the streets, shouting things like, "Yo, hand signals! C'mon, man."

The division Tabriz heads has more than 30 hackers in the U.S. and Europe handling security threats specific to Google's signature Chrome browser. It's easy to see why Tabriz has been picked as management material for a segment of tech that she admits has more than its share of "really socially unadjusted people." She's commanding but not intimidating, the kind of person who'd speak calmly but forcefully for the group during a hostage situation. "Highly motivated and driven" is how Nikita Borisov, Tabriz's graduate-school adviser at the University of Illinois, describes her. But, he adds, she's always been able to connect with others, especially those in the pocket-protector set.

Tabriz does a fair bit of globe-trotting to keep tabs on her staff (she also lived in Zurich for a time) and to give "think like an attacker" seminars to the company's nonhacker engineers. To calcify their hearts a bit, she asks them to devise plans to do such things as rig a vending machine to get free snacks. "There's a lot of similarities with the know-thy-enemy part of war," she says, sounding for a moment more like Sun Tzu than NorCal Glinda.

During the height of this past holiday season, hackers likely based in Eastern Europe or Russia with suspected ties to organized crime stole the credit-card information of 40 million Target shoppers. Similar malware was found lurking in the computers of Neiman Marcus, turning the shopping sanctuary into a credit-report hellscape for the 1.1 million customers whose credit or debit card information was stolen. That these hacks came in close succession alerted many of us to the relative lack of security of personal information, but massive cyber attacks are nothing new. In 2008, more than 130 million credit-card numbers were stolen from Heartland Payment Systems, a major credit-card-payment processor—the largest such theft on record.

But cyber crime isn't all sophisticated stuff. "Basically all forms of criminal activity are migrating to this world," says Douglas Salane, director of the Center for Cybercrime Studies at John Jay College. According to annual reports compiled by the Internet Crime Complaint Center, most cyber crimes in the U.S. are simple scams—someone selling a car he doesn't own, a fake lender duping a homeowner in over her head on payments. Some fraudsters have even posed as hit men, extorting money via e-mail solicitations from their targets.

While Tabriz's team prides itself on daily "silent" updates—"As soon as we fix a security bug, it's automatically pushed to users, and hopefully you don't even know that happened"—they've had their share of high-profile catches. In 2011, they discovered that the Dutch Internet-security-certificate authority, DigiNotar, had been hacked, affecting hundreds of thousands of Iranian Gmail users. The attack, suspected to have been sponsored by the Iranian government, came in a country where a security breach can be a matter of life and death—Iran's cyber police have been known to torture and kill those who "misuse" the Internet.

And then there are groups like Anonymous, a "hacktivist" consortium motivated by a professed commitment to complete Internet freedom. It has bubbled into the popular imagination, thanks to Guy Fawkes masks and its work crippling entities such as PayPal, which the group attacked in 2010 in retaliation for its suspension of Wikileaks.

When Tabriz hears of Anonymous cases, she says her first reaction is embarrassment for the company hit, as in, "Oh, wow, PayPal [had] this weakness in their software." Which isn't to say she approves of Anonymous: She compares their acts to "robbing a convenience store."

While growing the ranks of white-hat hackers is one way to at least stem the tide of cyber crime, security experts are also working on new technologies to tighten user defenses. For the memory challenged among us, the news is good: No more passwords. Computers and accounts will soon be accessed through a physical object—iPhone fingerprint identification is only the beginning. There's a chance that pretty soon smart chips with strong cryptography programs will be embedded in everyday accessories to unlock devices. Some have suggested cell phones for this purpose, but Tabriz is skeptical. "I think phones are designed for men, because they're big and don't fit into your pockets all the time. But I'm always wearing a bra. I usually have earrings"—in other words, someday La Perla and Bulgari could be designing their wares with microchip software in mind. Tech's gender divide has a funny way of popping up where you least expect it, and Tabriz is happy to address it head-on. "If you have ambitions to create technology for the whole world, you need to represent the whole world, and the whole world is not just white men."

Google has faced its own set of problems when it comes to the advancement of women. In its engineering divisions, employees must nominate themselves for promotion rather than counting on managers to do it—a system that practically seems designed to be discriminatory; as Sheryl Sandberg, former Google vice president of global online sales and operations, has noted, women tend to be "more reluctant to apply for promotions even when deserved, often believing that good job performance will naturally lead to rewards." That said, when Google alerted its workforce to an internal study concluding that, indeed, female employees were 20 percent less likely than male to put themselves forward, women's "self-nomination rates rose significantly," according to Sandberg. (Google declined to make its current leaders available for an interview about its gender climate, though Nancy Lee, director of People Operations—think HR—e-mailed: "One of the most important things we can do is to celebrate the contributions of women in technology.")

Tabriz doesn't perceive gender as a negative for her, though she thinks she "may be a little more pushy than the [female] stereotype." Among the young women she mentors, some continue to struggle to navigate Google's at times Darwinian environment, she says, where "you kind of have to demonstrate authority without explicitly having it."

Heidi Shin, a former Google employee who worked closely with engineers, is more blunt. "You talk to male engineers, they're really focused on the product idea, and they explain it in a way where they were the runners, and they were the leaders, even though the project could have been collaborative." And what do women say? " 'This was a group project, and I did this together with the other engineers, and a lot of other people were involved.' "

When and how—or even whether—women will reach parity with men at Google and elsewhere in tech are open questions. Because fewer women study science, technology, engineering, and math, fewer become tech engineers; because there is a smaller pool of female engineers to hire from, not many women get in on the ground floor of the next hot start-up; because only a handful of women make bundles of money from a hot start-up, few can become angel investors who pour money into future ventures. It's a snowball effect that some worry could end up replicating the male-dominated Wall Street culture.

Planet Granite, a rock-climbing gym a few miles from Google's campus, might be the best place to witness Peak Parisa. It's a Monday after work, and she climbs high and by herself, anchored from the ground by her neuroscientist boyfriend. She's lead-climbing, clicking her carabiners into place, in charge of securing herself from a fall as she methodically scales the faux-rock face. It's a steady, rhythmic act, almost balletic: Clip, leg up, straighten. Clip, leg up, straighten. Soon she is four or five stories up in the air, a slight figure in black amid the canopy of ropes and the confetti of rainbow-colored footholds marking trails to the ceiling of the warehouse space.

Lots of the other climbers here are Google employees—it's a favorite pastime of the type-A software engineers who litter the area, which makes sense given that wall routes are called "problems" and solving them is a largely solo endeavor done in midair. And it's funny to see how normal they all look, standing around in their Patagonia gear, these people who brought us now ubiquitous street maps and excellent e-mail design, and, however inadvertently, helped usher in a jarring new reality about privacy. They seem so nice, so trustworthy, as they work the ropes for their climbing friends perched on high precipices. And we have trusted them almost wholeheartedly up until recently, because they seem to have the best of intentions. But who's to say they always will? What, for instance, keeps Tabriz from hacking into an ex-boyfriend's e-mail? "Just because you can do something doesn't mean you do do something," she says simply.

Is it chilling or heartening that it comes down to plain old trust in your fellow man? Google and Facebook and all their predecessors have transformed this valley from edenic orchards into a Prius-clogged suburban corridor on the backs of the wild horses of innovation. But there's no way to hack a lack of good faith.

At the very least, Tabriz trusts herself to keep us from harm. And 50 feet off the ground, calmly straddling a precarious spot where the planes of two walls converge to a sharp point, where she is caught literally between a rock and a hard place, she seems like exactly the right woman for the job.